[Samba] SAMBA shares are READ ONLY to normal users

Hoang Quynh hoangquynh03 at gmail.com
Thu Jan 14 01:11:08 UTC 2021


Dear Kanito.

Please add this comment to your share:
valid users = @root @username
---------------------------------
[install]
  comment = Install
  path = /mnt/data/INSTALL
  browseable = yes
  read only = yes
  guest ok = no

[shared]
  comment = Shared
  path = /mnt/data/DATA/Shared
  browseable = yes
  read only = no
  guest ok = no
  valid users = @root

[download]
  comment = Downloads
  path = /mnt/data/DOWNLOAD
  browseable = yes
  read only = yes
  guest ok = no
  valid users = @root

Permission only this user or group can acces to this folder.

Thanks and regards.

On Thu, Jan 14, 2021 at 8:04 AM Kanito 73 via samba <samba at lists.samba.org>
wrote:

> Hello
>
> I have installed SAMBA and used the default smb conf to setup a simple
> share but only root has full RW access, normal users can only read (write
> access is forbidden) even if the share is "read only = no" and the mount
> command has the "-o RW" option.
>
> If I execute mount to see the mounted filesystems it shows the mounted
> samba shares as RW but a normal user can't write, delete or create. I only
> can see files, directories, copy from the shared directory, but it is
> impossible to write.
>
> //servername/download on /net/servername/download type cifs
> (rw,relatime,vers=3.1.1,cache=strict,username=myusername,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.20,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=4194304,wsize=4194304,bsiz
> e=1048576,echo_interval=60,actimeo=1)
>
> //servername/shared on /net/servername/shared type cifs
> (rw,relatime,vers=3.1.1,cache=strict,username=myusername,uid=0,noforceuid,gid=0,noforcegid,addr=192.168.1.20,file_mode=0755,dir_mode=0755,soft,nounix,serverino,mapposix,rsize=4194304,wsize=4194304,bsize=10
> 48576,echo_interval=60,actimeo=1)
>
> *** Notice that uid and gid are 0 but username is myusername ***
>
> I have a system user on the server: myusername (/home/myusername)
>
> I added it to the samba passwords: smbpasswd -a myusername
>
> I mount it: mount -t cifs -o rw //servername/shared /net/servername/shared
> (Then asks for 'myusername' password, not root password. Users are the
> same in both server and client sides.)
>
> I can see the shared directory contents at /net/servername/shared but
> can't write nothing as myusername (only as root) in the client side
>
> What can I do? Some tutorials say to use smbpasswd to add a system user as
> a samba user (and I used to do that in the past)... Other tutorials say to
> use a /.credentials or /root/.credentials file and the option credentials
> in the mount command or the fstab entry. Do I have to use both smbpasswd
> and .credentials together? It is very confusing, every tutorial shows
> something different.
>
> The physical shared directories are subdirectories from a NTFS partition
> mounted on /mnt/ (all data files reside in a large NTFS partition that can
> be accessed from Linux or Windows).
>
>
>
> THIS IS MY SMB.CONF
>
> [global]
>
>
> ## Browsing/Identification ###
>
> # Change this to the workgroup/NT-domain name your Samba server will part
> of
>    workgroup = WORKGROUP
>
> #### Networking ####
> ;   interfaces = 127.0.0.0/8 eth0
>
> #### Debugging/Accounting ####
>    log file = /var/log/samba/log.%m
>    max log size = 1000
>    logging = file
>    panic action = /usr/share/samba/panic-action %d
>
>
> ####### Authentication #######
>
>    server role = standalone server
>    obey pam restrictions = yes
>    unix password sync = yes
>    passwd program = /usr/bin/passwd %u
>    passwd chat = *Enter\snew\s*\spassword:* %n\n
> *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .
>    pam password change = yes
>    map to guest = bad user
>
>
> ########## Domains ###########
>
>
> ############ Misc ############
>
>    usershare allow guests = yes
>
>
> #======================= Share Definitions =======================
>
> [homes]
>    comment = Home Directories
>    browseable = no
>    read only = yes
>    create mask = 0700
>    directory mask = 0700
>    valid users = %S
>
> [install]
>   comment = Install
>   path = /mnt/data/INSTALL
>   browseable = yes
>   read only = yes
>   guest ok = no
>
> [shared]
>   comment = Shared
>   path = /mnt/data/DATA/Shared
>   browseable = yes
>   read only = no
>   guest ok = no
>
> [download]
>   comment = Downloads
>   path = /mnt/data/DOWNLOAD
>   browseable = yes
>   read only = yes
>   guest ok = no
>
>
> Notice that I mount the share as 'myusername' NOT AS ROOT. Only 'Shared'
> directory has read and write access, the rest are "read only = yes".
>
>
> Thanks for your help!
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
>


More information about the samba mailing list